1. Summary

2. Relevant Releases

VMware Workstation prior to version 11.1.1
VMware Workstation prior to version 10.0.6
VMware Player prior to version 7.1.1
VMware Player prior to version 6.0.6
VMware Fusion prior to version 7.0.1
VMware Fusion prior to version 6.0.6

VMware Horizon Client for Windows prior to version 3.4.0
VMware Horizon Client for Windows prior to version 3.2.1
VMware Horizon Client for Windows (with local mode) prior to version 5.4.1

3. Problem Description

a. VMware Workstation and Horizon Client memory manipulation issues

VMware Workstation and Horizon Client TPView.dll and TPInt.dll incorrectly handle memory allocation. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon Client.

VMware would like to thank Kostya Kortchinsky of the Google Security Team for reporting these issues to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2012-0897 and CVE-2015-2336 (TPView.dll Code Execution), CVE-2015-2338 and CVE-2015-2339 (TPView.dll DoS), CVE-2015-2337 (TPInt.dll Code Execution), and CVE-2015-2340 (TPInt.dll DoS) to these issues.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product                                       Product Version  Running on  Replace with/Apply Patch
---------------------------------------------------  ---------------  ----------  ------------------------
VMware Workstation                                   11.x             Windows     11.1.1
VMware Workstation                                   10.x             Windows     10.0.6
VMware Player                                        7.x              Windows     7.1.1
VMware Player                                        6.x              Windows     6.0.6
VMware Horizon Client for Windows                    3.3.x            Windows     3.4.0
VMware Horizon Client for Windows                    3.2.x            Windows     3.2.1
VMware Horizon Client for Windows (with local mode)  5.x              Windows     5.4.2

b. VMware Workstation, Player, and Fusion Denial of Service vulnerability

VMware Workstation, Player, and Fusion contain an input validation issue on an RPC command. This issue may allow for a Denial of Service of the Guest Operating System (32-bit) or a Denial of Service of the Host Operating System (64-bit).

VMware would like to thank Peter Kamensky from Digital Security for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-2341 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.